- Company Name: Hampton North
- Job Title: Security Engineer
- Job Description:
Job Title: Security Engineer
Role Summary:
Offensive-focused Security Engineer responsible for cloud, infrastructure, identity, and application security across the organization. Executes adversary simulations, hardening, detection engineering, tool development, and threat modeling to proactively mitigate risks.
Expectations:
- 4+ years in security engineering or related fields (red teaming, threat hunting).
- Deep understanding of attacker tactics, techniques, and procedures (MITRE ATT&CK).
- Proficiency in scripting (Python, PowerShell, Bash) for automation, testing, and tooling.
- Hands‑on experience with at least one major cloud provider (AWS, Azure, GCP).
- Ability to translate offensive findings into actual defensive controls.
Key Responsibilities:
- Conduct offensive security assessments across cloud, IAM, endpoint, and application layers.
- Build, refine, and deploy detections using threat emulation and detection‑as‑code.
- Engineer and harden security controls for IAM, endpoint, network, and cloud environments.
- Develop Python/PowerShell tools for offensive workflows, automation, and test harnesses.
- Perform threat modeling, attack path analysis, and collaborate with engineering to remediate risks.
- Enhance logging, telemetry, and alerting pipelines for improved detection coverage.
- Maintain an experimentation lab for exploits, malware, and emerging TTPs.
- Work cross‑functionally to guide secure design and strengthen overall posture.
Required Skills:
- Offense‑driven security, red-team, or threat‑hunting experience.
- Advanced knowledge of attacker TTPs (privilege escalation, lateral movement, cloud vectors).
- Strong scripting (Python, PowerShell, Bash).
- Cloud security assessment of at least one major provider (AWS, Azure, GCP).
- Familiarity with SIEM, vulnerability management, IAM, endpoint detection, and alerting pipelines.
- Excellent communication and stakeholder engagement.
Required Education & Certifications:
- Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
- Relevant certifications such as OSCP, CEH, or an equivalent offensive security credential are highly preferred.